From 59de2ae6de5a36335ab62a020d78cff9e81a8ccc Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:20:27 +0100 Subject: [PATCH 1/6] all.sh: re-enable CCM/GCM in test_full_no_cipher() Signed-off-by: Valerio Setti --- tests/scripts/all.sh | 3 --- 1 file changed, 3 deletions(-) diff --git a/tests/scripts/all.sh b/tests/scripts/all.sh index dba8e7865..21cc3b10e 100755 --- a/tests/scripts/all.sh +++ b/tests/scripts/all.sh @@ -1538,9 +1538,7 @@ component_test_full_no_cipher () { # (currently ignored anyway because we completely disable PSA) scripts/config.py unset MBEDTLS_PSA_CRYPTO_CONFIG # Disable features that depend on CIPHER_C - scripts/config.py unset MBEDTLS_CCM_C scripts/config.py unset MBEDTLS_CMAC_C - scripts/config.py unset MBEDTLS_GCM_C scripts/config.py unset MBEDTLS_NIST_KW_C scripts/config.py unset MBEDTLS_PKCS12_C scripts/config.py unset MBEDTLS_PKCS5_C @@ -1553,7 +1551,6 @@ component_test_full_no_cipher () { scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO scripts/config.py unset MBEDTLS_LMS_C scripts/config.py unset MBEDTLS_LMS_PRIVATE - make CFLAGS='-DMBEDTLS_BLOCK_CIPHER_C' msg "test: full no CIPHER no PSA_CRYPTO_C" make test From dbfd6a9f62b15917249115575abe62919051b26a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:21:14 +0100 Subject: [PATCH 2/6] adjust_legacy_crypto: auto-enable BLOCK_CIPHER_C when CIPHER_C is not defined Signed-off-by: Valerio Setti --- include/mbedtls/config_adjust_legacy_crypto.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/include/mbedtls/config_adjust_legacy_crypto.h b/include/mbedtls/config_adjust_legacy_crypto.h index e4f6a2760..edb1057c6 100644 --- a/include/mbedtls/config_adjust_legacy_crypto.h +++ b/include/mbedtls/config_adjust_legacy_crypto.h @@ -22,8 +22,8 @@ #ifndef MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H #define MBEDTLS_CONFIG_ADJUST_LEGACY_CRYPTO_H -/* Temporary hack to pacify check_names.py. - * (GCM and CCM still hard-depend on CIPHER_C for now.) */ +/* GCM_C and CCM_C can either depend on (in order of preference) CIPHER_C or + * BLOCK_CIPHER_C. If the former is not defined, auto-enable the latter. */ #if (defined(MBEDTLS_GCM_C) || defined(MBEDTLS_CCM_C)) && \ !defined(MBEDTLS_CIPHER_C) #define MBEDTLS_BLOCK_CIPHER_C From 8db46e4ee10f7d95d4795a0c73aa7668a2d5ec75 Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:22:04 +0100 Subject: [PATCH 3/6] check_config: remove dependency check of CCM_C/GCM_C on CIPHER_C CCM_C/GCM_C can now work with either (in order of preference) CIPHER_C or BLOCK_CIPHER_C and the latter is auto-enabled in case the former is not enabled. As a consequence there is no need to enforce the dependency on CIPHER_C. Signed-off-by: Valerio Setti --- include/mbedtls/check_config.h | 8 -------- 1 file changed, 8 deletions(-) diff --git a/include/mbedtls/check_config.h b/include/mbedtls/check_config.h index 951db314e..7070dad7b 100644 --- a/include/mbedtls/check_config.h +++ b/include/mbedtls/check_config.h @@ -306,19 +306,11 @@ #error "MBEDTLS_CCM_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_CCM_C) && !defined(MBEDTLS_CIPHER_C) -#error "MBEDTLS_CCM_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_GCM_C) && ( \ !defined(MBEDTLS_AES_C) && !defined(MBEDTLS_CAMELLIA_C) && !defined(MBEDTLS_ARIA_C) ) #error "MBEDTLS_GCM_C defined, but not all prerequisites" #endif -#if defined(MBEDTLS_GCM_C) && !defined(MBEDTLS_CIPHER_C) -#error "MBEDTLS_GCM_C defined, but not all prerequisites" -#endif - #if defined(MBEDTLS_CHACHAPOLY_C) && !defined(MBEDTLS_CHACHA20_C) #error "MBEDTLS_CHACHAPOLY_C defined, but not all prerequisites" #endif From 9b7a8b2a0caac2e22fafde694946e11735410a9a Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:24:51 +0100 Subject: [PATCH 4/6] ccm/gcm: reaplace CIPHER_C functions with BLOCK_CIPHER_C ones Signed-off-by: Valerio Setti --- include/mbedtls/ccm.h | 8 +++++ include/mbedtls/gcm.h | 8 +++++ library/ccm.c | 78 +++++++++++++++++++++++++++++++++++++------ library/gcm.c | 57 ++++++++++++++++++++++++++++--- 4 files changed, 137 insertions(+), 14 deletions(-) diff --git a/include/mbedtls/ccm.h b/include/mbedtls/ccm.h index a98111b4e..8bf8c3238 100644 --- a/include/mbedtls/ccm.h +++ b/include/mbedtls/ccm.h @@ -40,6 +40,10 @@ #include "mbedtls/cipher.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "mbedtls/block_cipher.h" +#endif + #define MBEDTLS_CCM_DECRYPT 0 #define MBEDTLS_CCM_ENCRYPT 1 #define MBEDTLS_CCM_STAR_DECRYPT 2 @@ -80,7 +84,11 @@ typedef struct mbedtls_ccm_context { #MBEDTLS_CCM_DECRYPT or #MBEDTLS_CCM_STAR_ENCRYPT or #MBEDTLS_CCM_STAR_DECRYPT. */ +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ +#else + mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */ +#endif int MBEDTLS_PRIVATE(state); /*!< Working value holding context's state. Used for chunked data input */ } diff --git a/include/mbedtls/gcm.h b/include/mbedtls/gcm.h index 837cecc09..3925f6827 100644 --- a/include/mbedtls/gcm.h +++ b/include/mbedtls/gcm.h @@ -24,6 +24,10 @@ #include "mbedtls/cipher.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "mbedtls/block_cipher.h" +#endif + #include #define MBEDTLS_GCM_ENCRYPT 1 @@ -46,7 +50,11 @@ extern "C" { * \brief The GCM context structure. */ typedef struct mbedtls_gcm_context { +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_context_t MBEDTLS_PRIVATE(cipher_ctx); /*!< The cipher context used. */ +#else + mbedtls_block_cipher_context_t MBEDTLS_PRIVATE(block_cipher_ctx); /*!< The cipher context used. */ +#endif uint64_t MBEDTLS_PRIVATE(HL)[16]; /*!< Precalculated HTable low. */ uint64_t MBEDTLS_PRIVATE(HH)[16]; /*!< Precalculated HTable high. */ uint64_t MBEDTLS_PRIVATE(len); /*!< The total length of the encrypted data. */ diff --git a/library/ccm.c b/library/ccm.c index 2cccd2809..444351df0 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -23,6 +23,10 @@ #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "block_cipher_internal.h" +#endif + #include #if defined(MBEDTLS_PLATFORM_C) @@ -51,6 +55,8 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + +#if defined(MBEDTLS_CIPHER_C) const mbedtls_cipher_info_t *cipher_info; cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, @@ -73,6 +79,17 @@ int mbedtls_ccm_setkey(mbedtls_ccm_context *ctx, MBEDTLS_ENCRYPT)) != 0) { return ret; } +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); + + if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } + + if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { + return MBEDTLS_ERR_CCM_BAD_INPUT; + } +#endif return 0; } @@ -85,7 +102,11 @@ void mbedtls_ccm_free(mbedtls_ccm_context *ctx) if (ctx == NULL) { return; } +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_free(&ctx->cipher_ctx); +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); +#endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_ccm_context)); } @@ -104,16 +125,25 @@ static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, const unsigned char *input, unsigned char *output) { - size_t olen = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char tmp_buf[16] = { 0 }; +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen)) != 0) { ctx->state |= CCM_STATE__ERROR; mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf)) != 0) { + ctx->state |= CCM_STATE__ERROR; + mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); + return ret; + } +#endif mbedtls_xor(output, input, tmp_buf + offset, use_len); @@ -132,7 +162,10 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - size_t len_left, olen; + size_t len_left; +#if defined(MBEDTLS_CIPHER_C) + size_t olen; +#endif /* length calculation can be done only after both * mbedtls_ccm_starts() and mbedtls_ccm_set_lengths() have been executed @@ -178,10 +211,17 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) } /* Start CBC-MAC with first block*/ +#if defined(MBEDTLS_CIPHER_C) if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { ctx->state |= CCM_STATE__ERROR; return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y)) != 0) { + ctx->state |= CCM_STATE__ERROR; + return ret; + } +#endif return 0; } @@ -258,7 +298,10 @@ int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, size_t add_len) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - size_t olen, use_len, offset; + size_t use_len, offset; +#if defined(MBEDTLS_CIPHER_C) + size_t olen; +#endif if (ctx->state & CCM_STATE__ERROR) { return MBEDTLS_ERR_CCM_BAD_INPUT; @@ -298,8 +341,12 @@ int mbedtls_ccm_update_ad(mbedtls_ccm_context *ctx, add += use_len; if (use_len + offset == 16 || ctx->processed == ctx->add_len) { - if ((ret = - mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { +#if defined(MBEDTLS_CIPHER_C) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); +#else + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; return ret; } @@ -322,7 +369,10 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char i; - size_t use_len, offset, olen; + size_t use_len, offset; +#if defined(MBEDTLS_CIPHER_C) + size_t olen; +#endif unsigned char local_output[16]; @@ -360,8 +410,12 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, mbedtls_xor(ctx->y + offset, ctx->y + offset, input, use_len); if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { - if ((ret = - mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { +#if defined(MBEDTLS_CIPHER_C) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); +#else + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; goto exit; } @@ -391,8 +445,12 @@ int mbedtls_ccm_update(mbedtls_ccm_context *ctx, memcpy(output, local_output, use_len); if (use_len + offset == 16 || ctx->processed == ctx->plaintext_len) { - if ((ret = - mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { +#if defined(MBEDTLS_CIPHER_C) + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); +#else + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; goto exit; } diff --git a/library/gcm.c b/library/gcm.c index 42fd02078..390bb3e15 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -25,6 +25,10 @@ #include "mbedtls/error.h" #include "mbedtls/constant_time.h" +#if !defined(MBEDTLS_CIPHER_C) +#include "block_cipher_internal.h" +#endif + #include #if defined(MBEDTLS_AESNI_C) @@ -59,12 +63,20 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) uint64_t hi, lo; uint64_t vl, vh; unsigned char h[16]; - size_t olen = 0; memset(h, 0, 16); + +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; + if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) { return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h)) != 0) { + return ret; + } +#endif /* pack h as two 64-bits ints, big-endian */ hi = MBEDTLS_GET_UINT32_BE(h, 0); @@ -124,12 +136,14 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, unsigned int keybits) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; - const mbedtls_cipher_info_t *cipher_info; if (keybits != 128 && keybits != 192 && keybits != 256) { return MBEDTLS_ERR_GCM_BAD_INPUT; } +#if defined(MBEDTLS_CIPHER_C) + const mbedtls_cipher_info_t *cipher_info; + cipher_info = mbedtls_cipher_info_from_values(cipher, keybits, MBEDTLS_MODE_ECB); if (cipher_info == NULL) { @@ -150,6 +164,17 @@ int mbedtls_gcm_setkey(mbedtls_gcm_context *ctx, MBEDTLS_ENCRYPT)) != 0) { return ret; } +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); + + if ((ret = mbedtls_block_cipher_setup(&ctx->block_cipher_ctx, cipher)) != 0) { + return ret; + } + + if ((ret = mbedtls_block_cipher_setkey(&ctx->block_cipher_ctx, key, keybits)) != 0) { + return ret; + } +#endif if ((ret = gcm_gen_table(ctx)) != 0) { return ret; @@ -252,8 +277,11 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; unsigned char work_buf[16]; const unsigned char *p; - size_t use_len, olen = 0; + size_t use_len; uint64_t iv_bits; +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; +#endif /* IV is limited to 2^64 bits, so 2^61 bytes */ /* IV is not allowed to be zero length */ @@ -293,10 +321,18 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, gcm_mult(ctx, ctx->y, ctx->y); } + +#if defined(MBEDTLS_CIPHER_C) if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen)) != 0) { return ret; } +#else + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, + ctx->base_ectr)) != 0) { + return ret; + } +#endif return 0; } @@ -386,8 +422,9 @@ static int gcm_mask(mbedtls_gcm_context *ctx, const unsigned char *input, unsigned char *output) { - size_t olen = 0; int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; +#if defined(MBEDTLS_CIPHER_C) + size_t olen = 0; if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, &olen)) != 0) { @@ -395,6 +432,14 @@ static int gcm_mask(mbedtls_gcm_context *ctx, return ret; } +#else + + if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr)) != 0) { + mbedtls_platform_zeroize(ectr, 16); + return ret; + } +#endif + if (ctx->mode == MBEDTLS_GCM_DECRYPT) { mbedtls_xor(ctx->buf + offset, ctx->buf + offset, input, use_len); } @@ -614,7 +659,11 @@ void mbedtls_gcm_free(mbedtls_gcm_context *ctx) if (ctx == NULL) { return; } +#if defined(MBEDTLS_CIPHER_C) mbedtls_cipher_free(&ctx->cipher_ctx); +#else + mbedtls_block_cipher_free(&ctx->block_cipher_ctx); +#endif mbedtls_platform_zeroize(ctx, sizeof(mbedtls_gcm_context)); } From dd426da7b8cbd4e9a312a50c15452ce50741643c Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Thu, 16 Nov 2023 08:53:48 +0100 Subject: [PATCH 5/6] added changelog Signed-off-by: Valerio Setti --- ChangeLog.d/8060.txt | 4 ++++ 1 file changed, 4 insertions(+) create mode 100644 ChangeLog.d/8060.txt diff --git a/ChangeLog.d/8060.txt b/ChangeLog.d/8060.txt new file mode 100644 index 000000000..a5fd93c8d --- /dev/null +++ b/ChangeLog.d/8060.txt @@ -0,0 +1,4 @@ +Features + * The CCM and GCM modules no longer depend on MBEDTLS_CIPHER_C. People who + use CCM and GCM but don't need the Cipher API can now disable + MBEDTLS_CIPHER_C in order to save code size. From d0eebc1f94cd2dd9f1543e46463ed416261b6fca Mon Sep 17 00:00:00 2001 From: Valerio Setti Date: Mon, 20 Nov 2023 15:17:53 +0100 Subject: [PATCH 6/6] ccm/gcm: improve code maintainability Signed-off-by: Valerio Setti --- library/ccm.c | 23 ++++++++--------------- library/gcm.c | 36 +++++++++++++----------------------- 2 files changed, 21 insertions(+), 38 deletions(-) diff --git a/library/ccm.c b/library/ccm.c index 444351df0..6700dc743 100644 --- a/library/ccm.c +++ b/library/ccm.c @@ -130,20 +130,15 @@ static int mbedtls_ccm_crypt(mbedtls_ccm_context *ctx, #if defined(MBEDTLS_CIPHER_C) size_t olen = 0; - - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, - &olen)) != 0) { - ctx->state |= CCM_STATE__ERROR; - mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->ctr, 16, tmp_buf, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->ctr, tmp_buf); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; mbedtls_platform_zeroize(tmp_buf, sizeof(tmp_buf)); return ret; } -#endif mbedtls_xor(output, input, tmp_buf + offset, use_len); @@ -212,16 +207,14 @@ static int ccm_calculate_first_block_if_ready(mbedtls_ccm_context *ctx) /* Start CBC-MAC with first block*/ #if defined(MBEDTLS_CIPHER_C) - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen)) != 0) { - ctx->state |= CCM_STATE__ERROR; - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->y, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->y); +#endif + if (ret != 0) { ctx->state |= CCM_STATE__ERROR; return ret; } -#endif return 0; } diff --git a/library/gcm.c b/library/gcm.c index 390bb3e15..8181ec88a 100644 --- a/library/gcm.c +++ b/library/gcm.c @@ -68,15 +68,13 @@ static int gcm_gen_table(mbedtls_gcm_context *ctx) #if defined(MBEDTLS_CIPHER_C) size_t olen = 0; - - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen)) != 0) { - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, h, 16, h, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, h, h); +#endif + if (ret != 0) { return ret; } -#endif /* pack h as two 64-bits ints, big-endian */ hi = MBEDTLS_GET_UINT32_BE(h, 0); @@ -323,16 +321,13 @@ int mbedtls_gcm_starts(mbedtls_gcm_context *ctx, #if defined(MBEDTLS_CIPHER_C) - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, - ctx->base_ectr, &olen)) != 0) { - return ret; - } + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ctx->base_ectr, &olen); #else - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, - ctx->base_ectr)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ctx->base_ectr); +#endif + if (ret != 0) { return ret; } -#endif return 0; } @@ -423,22 +418,17 @@ static int gcm_mask(mbedtls_gcm_context *ctx, unsigned char *output) { int ret = MBEDTLS_ERR_ERROR_CORRUPTION_DETECTED; + #if defined(MBEDTLS_CIPHER_C) size_t olen = 0; - - if ((ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, - &olen)) != 0) { - mbedtls_platform_zeroize(ectr, 16); - return ret; - } - + ret = mbedtls_cipher_update(&ctx->cipher_ctx, ctx->y, 16, ectr, &olen); #else - - if ((ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr)) != 0) { + ret = mbedtls_block_cipher_encrypt(&ctx->block_cipher_ctx, ctx->y, ectr); +#endif + if (ret != 0) { mbedtls_platform_zeroize(ectr, 16); return ret; } -#endif if (ctx->mode == MBEDTLS_GCM_DECRYPT) { mbedtls_xor(ctx->buf + offset, ctx->buf + offset, input, use_len);